MonoNativeHook/utils.cpp at master · FateHack/MonoNativeHook · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
//
// Created by 张小佳 on 2020-04-10.
//

#include "utils/uilts.h"
#include "utils/logger.h"
#include <stdlib.h>
#include <string.h>
#include <fstream>

using namespace std;

struct _MonoImage {
    int ref_count;
    void *raw_data_handle;
    char *raw_data;
    int raw_data_len;
};

MonoImage *image = NULL; //方法所在的image

void split_str(char *str, const char *split, std::vector<char *> &ret) {
    if (!str || !split) {
        LOGD(" split error");
        return;
    }
    char *p = strtok(str, split);
    while (p) {
        ret.push_back(p);
        p = strtok(NULL, split);
    }
}

//assembly为目标程序集，可以利用程序集获取image 进一步获取
static void get_target_image(MonoAssembly *assembly, void *target_img_name) {
    if (!image) {
        MonoImage *cur_image = mono_assembly_get_image(assembly); //获取当前程序集 image
        const char *cur_image_name = mono_image_get_name(cur_image); //通过当前image 获取imageName
        //const char *cur_image_name = (const char*)((intptr_t)image+0x14); //也可以通过image这个结构体（偏移地址0x14）来获取imageName

        //与传入的imageName比较
        if (strcmp(cur_image_name, (const char *) target_img_name) == 0) {
            image = cur_image;
        }
    }
}

//path为保存路径. dll_name : Assembly-CSharp 、Assembly-CSharp-firstpass
void dump_dll(const char *path, const char *dll_name) {
    image = NULL;
    mono_assembly_foreach((MonoFunc) get_target_image, (void *) dll_name);
    if (image) {
        ofstream out(path, ios::binary);
        out.write(image->raw_data, image->raw_data_len);
        out.close();
    } else {
        LOGE("get image failed");
    }
}

MonoMethod *get_MonoMethod(std::vector<char *> vector) {
    char *imageName = vector[0];
    char *nameSpace = vector[1];
    char *className = vector[2];
    char *methodName = vector[3];
    MonoMethod *method = NULL;
    image = NULL;
    //遍历所有程序集，并获取程序集 并传入回调函数get_target_image 拿到目标image指针
    mono_assembly_foreach((MonoFunc) get_target_image, (void *) imageName);
    if (image) {
        //获取方法的MonoClass
        MonoClass *pClass = mono_class_from_name(image, nameSpace, className);
        if (pClass) {
            //拼凑完整的方法名 className::methodName
            string full_method_name;
            full_method_name.append(className);
            full_method_name.append("::");
            full_method_name.append(methodName);
            //通过完整方法名获取方法描述符
            MonoMethodDesc *pDesc = mono_method_desc_new(full_method_name.c_str(), false);
            if (pDesc) {
                //通过方法描述符在指定的MonoClass 寻找MonoMethod
                method = mono_method_desc_search_in_class(pDesc, pClass);
                if (method) {
                    //释放
                    mono_method_desc_free(pDesc);
                    return method;
                } else {
                    LOGE("method get failed");
                }
            } else {
                LOGE("pDesc get failed");
            }
        } else {
            LOGE("pClass get failed");
        }
    } else {
        LOGE("image get failed");
    }
    return NULL;
}

std::string getProcName() {
    std::string ret;
    char cmdline[256] = {0};
    FILE *fp;
    fp = fopen("/proc/self/cmdline", "r");
    if (fp) {
        fgets(cmdline, sizeof(cmdline), fp);
        fclose(fp);
        ret = cmdline;
    }
    return ret;
}